Dover, DE - IT - DTI - Security Office - Information Security Analyst 1

Expedite Talent Solutions

Dover, DE

JOB DETAILS
SKILLS
Access Control, Amazon Web Services (AWS), Analysis Skills, Automation, Best Practices, Cloud Architecture, Cloud Computing, Communication Skills, Computer Science, DNS (Domain Name System), Endpoint Security, Firewalls, GCP (Good Clinical Practices), Hunting, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Internet Application, Intrusion Detection Systems, Intrusion Detection and Prevention (IDP), Intrusion Prevention Systems, Leadership, Load Balancing, Loss Prevention, Mentoring, Microsoft Product Family, Microsoft Windows Azure, Multiplatform/Cross-Platform, Network Protocols, Network Routing, Network Security, Network Switching, Network Traffic Analysis, Presentation/Verbal Skills, Protective Services, Python Programming/Scripting Language, Regulatory Compliance, Scripting (Scripting Languages), Security Analysis, Security Compliance, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Security Policy, Single Sign-On (SSO), Software Engineering, Strategic Planning, U.S. National Institute of Standards and Technology (NIST), VPN (Virtual Private Network), Wireshark (Ethereal), tcpdump
LOCATION
Dover, DE
POSTED
1 day ago
Title: Information Security Analyst 1 (ISA1)
Bill Rate: ***
Interviews: Virtual via teams (please make sure you candidates are in a well light room and have their camera on)
Onsite:100%

Senior Security Engineer

This role requires a highly skilled and experienced cloud security professional with a deep understanding of securing
cloud workloads, tools and services. A strong preference would be given to candidates with prior Zero Trust Network
Access (ZTNA) principles and a proven track record of implementing and managing secure cloud environments across
multiple platforms. The ideal candidate will possess a strong combination of technical expertise and operational
leadership. A candidate that brings strong experience in GCP cloud services to the state s multi-cloud program would be
desired.

I. Core Technical Skills & Experience
Zero Trust Network Access (ZTNA): The candidate must have extensive experience in ZTNA engineering and automation,
ensuring secure, scalable, and policy-driven access control. This includes architecting and approving ZTNA
configurations, implementing identity-aware segmentation, enforcing least privilege access policies, and leading the
transition from traditional VPNs to ZTNA solutions. A deep understanding of NIST 800-207 and Zero Trust Architecture
best practices is essential, along with hands-on experience with ZTNA technologies, particularly Zscaler.
Cloud Platform Expertise: The candidate must demonstrate a comprehensive understanding of cloud security platforms
and Infrastructure As A service (IAAS) solution providers like Google, Amazon and Microsoft. This includes in-depth
knowledge of each provider's security services (e.g., IAM, security centers, firewalls, key management, logging, and
monitoring tools), as well as the ability to design and implement secure cloud architectures. The candidate should be
well-versed in cloud-native security controls, security posture management (CSPM) tools, and best practices for ensuring
compliance with relevant security frameworks (NIST, ISO, SOC 2).

Identity and Access Management (IAM): Working knowledge of IAM concepts and best practices is crucial, with specific
experience in Okta preferred. The candidate should be proficient in implementing least privilege access controls,
federation, single sign-on (SSO), and other IAM solutions across multiple cloud platforms.
Security Automation and Orchestration: The candidate should possess a strong understanding of automation pipelines
and experience with scripting and automation tools such as Python, Terraform, CloudFormation, and Azure Resource
Manager. The ability to automate security tasks and processes, as well as experience with Security Orchestration,
Automation, and Response (SOAR) platforms, is highly desirable.

Security Monitoring and Incident Response: Experience with Security Information and Event Management (SIEM)
logging and analysis is essential, along with an understanding of Endpoint Detection and Response (EDR) and Extended
Detection and Response (XDR) concepts. The candidate must be capable of analyzing security logs and alerts, conducting
threat hunting, and participating in incident response procedures and methodologies.

Security Policy, Compliance, and Governance: A working knowledge of current security policies, federal and state
compliance regulations, and governance standards is necessary. The candidate should be able to implement security
controls to meet compliance requirements and have experience with cloud-specific compliance frameworks like
FedRAMP.

Data Security: The candidate must demonstrate an understanding of data classification standards and experience with
data loss prevention (DLP) configurations.

Network Security: A deep understanding of modern networking standards, including Zero Trust principles, is crucial. The
candidate should have extensive experience with network security concepts and technologies, including firewall
management, intrusion detection/prevention systems (IDS/IPS), network segmentation, VPNs, routing and switching
protocols, network traffic analysis, and network security tools (e.g., Wireshark, tcpdump). Experience with Network
Access Control (NAC), DNS security, load balancers, and web application firewalls (WAFs) is also highly desirable.
Endpoint Security: The candidate should possess an understanding of endpoint security concepts and technologies.
II. Soft Skills & Experience

Leadership and Communication: The candidate should be able to lead and mentor junior security engineers, possess
excellent communication and presentation skills, and effectively explain complex technical concepts to non-technical
audiences.

Problem-Solving and Critical Thinking: Strong analytical and problem-solving skills are vital, along with the ability to
think critically and strategically, anticipate security risks, and develop effective mitigation strategies.

III. Education and Certifications (Preferred)
" Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
" Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty, Google Cloud Certified Professional
Cloud Security Engineer, Microsoft Certified: Azure Security Engineer Associate).
IV. Experience Level
" Minimum of 7-10 years of experience in information security, with a focus on cloud security and ZTNA.
" Significant experience with GCP, AWS, and/or Azure.
" Demonstrated experience in implementing and managing ZTNA solutions

About the Company

E

Expedite Talent Solutions